#include "abacus.h"



/* Optimized 32-bit code */


	/* The Abacus S-box.  Randomly generated 8x8 S-box with good properties.  */
	const unsigned int sbox[256] = {
		0xe3, 0x84, 0xf0, 0xd6, 0xf9, 0xf6, 0xbe, 0x90, 0x85, 0x7d, 0x28, 0x43, 0x12, 0xc0, 0xe1, 0xb4,
		0x55, 0xc7, 0x8c, 0x87, 0x42, 0xe0, 0xd9, 0x27, 0x78, 0xec, 0xcb, 0x07, 0xaa, 0x95, 0xc1, 0x3f,
		0xb2, 0xdc, 0x26, 0xa7, 0x1f, 0xdf, 0xf3, 0x54, 0xd2, 0xe7, 0x24, 0x3e, 0x32, 0xd1, 0x56, 0xc6,
		0x35, 0x73, 0xf7, 0x7b, 0x62, 0x29, 0x52, 0x80, 0xa9, 0xba, 0xab, 0xe9, 0x02, 0x53, 0x6a, 0xe4,
		0x67, 0xa0, 0x8e, 0xfb, 0x9a, 0x79, 0x4e, 0x8d, 0xe5, 0x4a, 0x41, 0xaf, 0x5a, 0x5c, 0xa6, 0x6b,
		0x16, 0x5e, 0xe8, 0x3c, 0x9c, 0x5b, 0x88, 0x76, 0x15, 0xf4, 0x60, 0xbd, 0x83, 0x98, 0x8f, 0xc8,
		0x09, 0x68, 0x0d, 0x18, 0x65, 0x45, 0x04, 0xce, 0x7a, 0xf2, 0x39, 0xc5, 0x9e, 0xf1, 0x17, 0xef,
		0x38, 0x21, 0x94, 0x86, 0x69, 0x37, 0xf5, 0xed, 0x36, 0x66, 0xcf, 0x3b, 0x63, 0x4b, 0x33, 0xb6,
		0xff, 0xbc, 0x11, 0x5d, 0xb3, 0x2b, 0xd3, 0xd0, 0x3a, 0x96, 0x77, 0x7c, 0x1c, 0xc2, 0xfe, 0x0a,
		0xc3, 0x25, 0x4d, 0xfc, 0x89, 0xde, 0x30, 0x23, 0x64, 0x81, 0xd5, 0xae, 0x70, 0xdb, 0xe6, 0x7e,
		0xb0, 0x6f, 0x0f, 0xd7, 0xbf, 0x9b, 0xc4, 0x74, 0xb7, 0x57, 0x4f, 0x58, 0x10, 0x2d, 0xa4, 0xb9,
		0xa2, 0xad, 0x61, 0xeb, 0xac, 0x1a, 0xa3, 0xd8, 0x2c, 0x5f, 0x91, 0x2f, 0x72, 0x31, 0xb1, 0x82,
		0x49, 0xda, 0x0c, 0xca, 0x00, 0xa1, 0xb5, 0x75, 0x6e, 0x47, 0x6d, 0x13, 0x19, 0x93, 0x20, 0x05,
		0x01, 0x9f, 0x1d, 0x44, 0x8a, 0x1e, 0x50, 0x34, 0xfa, 0x9d, 0xa8, 0x8b, 0x0b, 0x4c, 0xa5, 0x2e,
		0x71, 0xf8, 0x40, 0xcd, 0x99, 0xfd, 0x51, 0x59, 0x0e, 0x2a, 0x3d, 0x92, 0x14, 0x48, 0x6c, 0xea,
		0x46, 0x22, 0xcc, 0x06, 0xd4, 0x97, 0xe2, 0x1b, 0xdd, 0x7f, 0xbb, 0xc9, 0xb8, 0x03, 0xee, 0x08
	};

	/* Multiplication by 2 in Finite Field 0x1b */
	const unsigned int gf_mult2[256] = {
		0x00, 0x02, 0x04, 0x06, 0x08, 0x0a, 0x0c, 0x0e, 0x10, 0x12, 0x14, 0x16, 0x18, 0x1a, 0x1c, 0x1e,
		0x20, 0x22, 0x24, 0x26, 0x28, 0x2a, 0x2c, 0x2e, 0x30, 0x32, 0x34, 0x36, 0x38, 0x3a, 0x3c, 0x3e,
		0x40, 0x42, 0x44, 0x46, 0x48, 0x4a, 0x4c, 0x4e, 0x50, 0x52, 0x54, 0x56, 0x58, 0x5a, 0x5c, 0x5e,
		0x60, 0x62, 0x64, 0x66, 0x68, 0x6a, 0x6c, 0x6e, 0x70, 0x72, 0x74, 0x76, 0x78, 0x7a, 0x7c, 0x7e,
		0x80, 0x82, 0x84, 0x86, 0x88, 0x8a, 0x8c, 0x8e, 0x90, 0x92, 0x94, 0x96, 0x98, 0x9a, 0x9c, 0x9e,
		0xa0, 0xa2, 0xa4, 0xa6, 0xa8, 0xaa, 0xac, 0xae, 0xb0, 0xb2, 0xb4, 0xb6, 0xb8, 0xba, 0xbc, 0xbe,
		0xc0, 0xc2, 0xc4, 0xc6, 0xc8, 0xca, 0xcc, 0xce, 0xd0, 0xd2, 0xd4, 0xd6, 0xd8, 0xda, 0xdc, 0xde,
		0xe0, 0xe2, 0xe4, 0xe6, 0xe8, 0xea, 0xec, 0xee, 0xf0, 0xf2, 0xf4, 0xf6, 0xf8, 0xfa, 0xfc, 0xfe,
		0x1b, 0x19, 0x1f, 0x1d, 0x13, 0x11, 0x17, 0x15, 0x0b, 0x09, 0x0f, 0x0d, 0x03, 0x01, 0x07, 0x05,
		0x3b, 0x39, 0x3f, 0x3d, 0x33, 0x31, 0x37, 0x35, 0x2b, 0x29, 0x2f, 0x2d, 0x23, 0x21, 0x27, 0x25,
		0x5b, 0x59, 0x5f, 0x5d, 0x53, 0x51, 0x57, 0x55, 0x4b, 0x49, 0x4f, 0x4d, 0x43, 0x41, 0x47, 0x45,
		0x7b, 0x79, 0x7f, 0x7d, 0x73, 0x71, 0x77, 0x75, 0x6b, 0x69, 0x6f, 0x6d, 0x63, 0x61, 0x67, 0x65,
		0x9b, 0x99, 0x9f, 0x9d, 0x93, 0x91, 0x97, 0x95, 0x8b, 0x89, 0x8f, 0x8d, 0x83, 0x81, 0x87, 0x85,
		0xbb, 0xb9, 0xbf, 0xbd, 0xb3, 0xb1, 0xb7, 0xb5, 0xab, 0xa9, 0xaf, 0xad, 0xa3, 0xa1, 0xa7, 0xa5,
		0xdb, 0xd9, 0xdf, 0xdd, 0xd3, 0xd1, 0xd7, 0xd5, 0xcb, 0xc9, 0xcf, 0xcd, 0xc3, 0xc1, 0xc7, 0xc5,
		0xfb, 0xf9, 0xff, 0xfd, 0xf3, 0xf1, 0xf7, 0xf5, 0xeb, 0xe9, 0xef, 0xed, 0xe3, 0xe1, 0xe7, 0xe5
	};


	/* Multiplication by 3 in Finite Field 0x1b */
	const unsigned int gf_mult3[256] = {
		0x00, 0x03, 0x06, 0x05, 0x0c, 0x0f, 0x0a, 0x09, 0x18, 0x1b, 0x1e, 0x1d, 0x14, 0x17, 0x12, 0x11,
		0x30, 0x33, 0x36, 0x35, 0x3c, 0x3f, 0x3a, 0x39, 0x28, 0x2b, 0x2e, 0x2d, 0x24, 0x27, 0x22, 0x21,
		0x60, 0x63, 0x66, 0x65, 0x6c, 0x6f, 0x6a, 0x69, 0x78, 0x7b, 0x7e, 0x7d, 0x74, 0x77, 0x72, 0x71,
		0x50, 0x53, 0x56, 0x55, 0x5c, 0x5f, 0x5a, 0x59, 0x48, 0x4b, 0x4e, 0x4d, 0x44, 0x47, 0x42, 0x41,
		0xc0, 0xc3, 0xc6, 0xc5, 0xcc, 0xcf, 0xca, 0xc9, 0xd8, 0xdb, 0xde, 0xdd, 0xd4, 0xd7, 0xd2, 0xd1,
		0xf0, 0xf3, 0xf6, 0xf5, 0xfc, 0xff, 0xfa, 0xf9, 0xe8, 0xeb, 0xee, 0xed, 0xe4, 0xe7, 0xe2, 0xe1,
		0xa0, 0xa3, 0xa6, 0xa5, 0xac, 0xaf, 0xaa, 0xa9, 0xb8, 0xbb, 0xbe, 0xbd, 0xb4, 0xb7, 0xb2, 0xb1,
		0x90, 0x93, 0x96, 0x95, 0x9c, 0x9f, 0x9a, 0x99, 0x88, 0x8b, 0x8e, 0x8d, 0x84, 0x87, 0x82, 0x81,
		0x9b, 0x98, 0x9d, 0x9e, 0x97, 0x94, 0x91, 0x92, 0x83, 0x80, 0x85, 0x86, 0x8f, 0x8c, 0x89, 0x8a,
		0xab, 0xa8, 0xad, 0xae, 0xa7, 0xa4, 0xa1, 0xa2, 0xb3, 0xb0, 0xb5, 0xb6, 0xbf, 0xbc, 0xb9, 0xba,
		0xfb, 0xf8, 0xfd, 0xfe, 0xf7, 0xf4, 0xf1, 0xf2, 0xe3, 0xe0, 0xe5, 0xe6, 0xef, 0xec, 0xe9, 0xea,
		0xcb, 0xc8, 0xcd, 0xce, 0xc7, 0xc4, 0xc1, 0xc2, 0xd3, 0xd0, 0xd5, 0xd6, 0xdf, 0xdc, 0xd9, 0xda,
		0x5b, 0x58, 0x5d, 0x5e, 0x57, 0x54, 0x51, 0x52, 0x43, 0x40, 0x45, 0x46, 0x4f, 0x4c, 0x49, 0x4a,
		0x6b, 0x68, 0x6d, 0x6e, 0x67, 0x64, 0x61, 0x62, 0x73, 0x70, 0x75, 0x76, 0x7f, 0x7c, 0x79, 0x7a,
		0x3b, 0x38, 0x3d, 0x3e, 0x37, 0x34, 0x31, 0x32, 0x23, 0x20, 0x25, 0x26, 0x2f, 0x2c, 0x29, 0x2a,
		0x0b, 0x08, 0x0d, 0x0e, 0x07, 0x04, 0x01, 0x02, 0x13, 0x10, 0x15, 0x16, 0x1f, 0x1c, 0x19, 0x1a
	};


	/* Null bytes. 280 of them. These are used during the blank rounds */
	const unsigned char nullBytes[280] = {
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
	};





HashReturn Init(hashState *state, int hashbitlen)
{
	int i, siz;


	/* Zero-out the State struct! */
	siz = sizeof(*state);
	for (i = 0; i < siz; i ++) {
		((unsigned char*)state) [i] = 0x00;
	}




	state->HashLenBits  = hashbitlen;
	state->HashLenBytes = ((hashbitlen+7)/8);

	if (hashbitlen <= 0) {return BAD_HASHBITLEN; }


	/* Reset the total msg len value. (It's 128 bit value.) */
	for (i = 0; i < 4; i++)
		state->TotalMsgLenBits[i] = 0;



	/* Initialize the Counters */
	state->c1 = 0;
	state->c2 = 0;
	state->c3 = 0;
	state->c4 = 0;

	/* Set the Output Feedback Variable to 0 */
	state->out = 0;


	/* Set the initial pointers for the rolling arrays */
	state->rb = (unsigned int*)(state->tru_rb);
	state->rc = (unsigned int*)(state->tru_rc);
	state->rd = (unsigned int*)(state->tru_rd);

	/* Find the "end of array" markers */
	state->eoa_rb = (unsigned int*)&(state->tru_rb[RB_ALLOC-5]);
	state->eoa_rc = (unsigned int*)&(state->tru_rc[RC_ALLOC-37]);
	state->eoa_rd = (unsigned int*)&(state->tru_rd[RD_ALLOC-89]);


	/* Copy the first 132 entries of the S-box into the rolling arrays */
	state->ra = sbox[0];

	for (i = 0; i < 5; i ++)
		state->rb[i] = sbox[i+1];

	for (i = 0; i < 37; i ++)
		state->rc[i] = sbox[i+6];

	for (i = 0; i < 89; i ++)
		state->rd[i] = sbox[i+43];




	/* Build the "train" by concatenating HASH_LEN and MSG_LEN. It's 20 bytes long. */
	/* NOTE: In this implementation, we are NOT using a salt */


	/* Convert the HASH_LEN_BITS into a 4-byte string */
	/* This code SHOULD be endian-neutral. */
	state->train[0] = (unsigned char)((hashbitlen >> 24) & 0xff);
	state->train[1] = (unsigned char)((hashbitlen >> 16) & 0xff);
	state->train[2] = (unsigned char)((hashbitlen >> 8) & 0xff);
	state->train[3] = (unsigned char)((hashbitlen) & 0xff);


	/* In an ideal implementation, Abacus will know MsgLen ahead of time!
	   But for now, assume we don't, and set it to zero... */
	for (i = 0; i < 16; i ++) {state->train[i+4] = 0;}

	/* Set the blnIncrTotalMsgLen flag, so that TotalMsgLen isn't increased!*/
	state->blnIncrTotalMsgLen = 0;
	/* Absorb the 20-byte train */
	Update(state, state->train, 160);
	/* Done with prepending; set the BlankRound flag to false*/
	state->blnIncrTotalMsgLen = 1;



	return SUCCESS;
}




HashReturn Update(hashState *state, const BitSequence *data, DataLength databitlen)
{
	unsigned int	c1, c2, c3, c4;
	unsigned int	ra, *rb, *rc, *rd;
	unsigned int	mds[4] = {0,0,0,0};
	unsigned int	j;
	unsigned int	*eoa_rb, *eoa_rc, *eoa_rd;
	unsigned int	i, clock, len, prev;



	/* Temporary variables ... these are faster than accessing the struct every time you want internal state data! */
	eoa_rb = state->eoa_rb;
	eoa_rc = state->eoa_rc;
	eoa_rd = state->eoa_rd;

	ra = state->ra;
	rb = state->rb;
	rc = state->rc;
	rd = state->rd;

	c1 = state->c1;
	c2 = state->c2;
	c3 = state->c3;
	c4 = state->c4;



	len = state->MsgLenBytes = ((databitlen+7)/8);

	/* only increase the overall msg length if blnIncrTotalMsgLen is TRUE */
	if (state->blnIncrTotalMsgLen == 1)
	{
		/* 128-bit addition */
		prev = state->TotalMsgLenBits[3];
		state->TotalMsgLenBits[3] += databitlen;
		if (state->TotalMsgLenBits[3] < prev) {			/* overflow of the 32-bit value! increment the higher-order word */
			prev = state->TotalMsgLenBits[2];
			state->TotalMsgLenBits[2] ++;
			if (state->TotalMsgLenBits[2] < prev) {		/* overflow of the 64-bit value! increment the higher-order word */
				prev = state->TotalMsgLenBits[1];
				state->TotalMsgLenBits[1] ++;
				if (state->TotalMsgLenBits[1] < prev) {	/* overflow of the 96-bit value! increment the higher-order word */
					state->TotalMsgLenBits[0] ++;
				}
			}
		}
	}



	/* Absorb the message one  byte at a time. There may be several clocks */
	for (i = 0; i < len; i ++)
	{
		for (clock = 0; clock < NUM_ABSORB_CLOCKS; clock++)
		{

			/* First S-box Pass. Combine it with Counter XORs */
			ra    = sbox[ra    ^ rd[58]]  ^  c1;
			rd[0] = sbox[rd[0] ^ data[i]] ^  c4;
			rb[0] = sbox[rb[0] ^ rc[24]]  ^  c2;
			rc[0] = sbox[rc[0] ^ rb[3]]   ^  c3;


			/* This approach seems faster on a 32-bit compiler / machine */
			mds[0] = ra     ^  rb[0]  ^  gf_mult3[ rc[0] ]  ^  gf_mult2[ rd[0] ];
			mds[1] = rb[0]  ^  rc[0]  ^  gf_mult3[ rd[0] ]  ^  gf_mult2[ ra ];
			mds[2] = rc[0]  ^  rd[0]  ^  gf_mult3[ ra ]     ^  gf_mult2[ rb[0] ];
			mds[3] = rd[0]  ^  ra     ^  gf_mult3[ rb[0] ]  ^  gf_mult2[ rc[0] ];


			/* Second S-box Pass for ra */
			ra    = sbox[mds[0]];


			/* Combine Rotate() of the rolling arrays with 2nd pass of S-boxes */
			rb[5] = sbox[mds[1]];
			rb++;
			if (rb == eoa_rb)
			{
				rb = state->tru_rb;
				for (j = 0; j < 5; j ++)
					rb[j] = rb[j+(RB_ALLOC-5)];
			}


			rc[37] = sbox[mds[2]];
			rc++;
			if (rc == eoa_rc)
			{
				rc = state->tru_rc;
				for (j = 0; j < 37; j ++)
					rc[j] = rc[j+(RC_ALLOC-37)];
			}


			rd[89] = sbox[mds[3]];
			rd++;
			if (rd == eoa_rd)
			{
				rd = state->tru_rd;
				for (j = 0; j < 89; j ++)
					rd[j] = rd[j+(RD_ALLOC-89)];
			}



			/* Increment the counters */
			c1 ++;		if (c1 == 233) {c1 = 0;}
			c2 ++;		if (c2 == 239) {c2 = 0;}
			c3 ++;		if (c3 == 241) {c3 = 0;}
			c4 ++;		if (c4 == 251) {c4 = 0;}

		}
	}


	/* Copy the temp variables back into the struct */
	state->ra = ra;
	state->rb = rb;
	state->rc = rc;
	state->rd = rd;

	state->c1 = c1;
	state->c2 = c2;
	state->c3 = c3;
	state->c4 = c4;




	return SUCCESS;
}




HashReturn Final(hashState *state, BitSequence *hashval)
{
	unsigned int	c1, c2, c3, c4;
	unsigned int	ra, *rb, *rc, *rd;
	unsigned int	mds[4] = {0,0,0,0};
	unsigned int	j;
	unsigned int	out;
	unsigned int	*eoa_rb, *eoa_rc, *eoa_rd;
	unsigned int	i, clock, len;






	/* First, append the "Train" of  (SALT || HASH_LEN_BITS || MSG_LEN_BITS) to the message   (in this case, there is no salt */
	/* Extract the 128-bit value which represents the total message length, in bits */
	/* This code SHOULD be endian-neutral */
	state->train[4]  = (unsigned char) ((state->TotalMsgLenBits[0] >> 24) & 0xff);
	state->train[5]  = (unsigned char) ((state->TotalMsgLenBits[0] >> 16) & 0xff);
	state->train[6]  = (unsigned char) ((state->TotalMsgLenBits[0] >> 8) & 0xff);
	state->train[7]  = (unsigned char) ((state->TotalMsgLenBits[0]) & 0xff);
	state->train[8]  = (unsigned char) ((state->TotalMsgLenBits[1] >> 24) & 0xff);
	state->train[9]  = (unsigned char) ((state->TotalMsgLenBits[1] >> 16) & 0xff);
	state->train[10] = (unsigned char) ((state->TotalMsgLenBits[1] >> 8) & 0xff);
	state->train[11] = (unsigned char) ((state->TotalMsgLenBits[1]) & 0xff);
	state->train[12] = (unsigned char) ((state->TotalMsgLenBits[2] >> 24) & 0xff);
	state->train[13] = (unsigned char) ((state->TotalMsgLenBits[2] >> 16) & 0xff);
	state->train[14] = (unsigned char) ((state->TotalMsgLenBits[2] >> 8) & 0xff);
	state->train[15] = (unsigned char) ((state->TotalMsgLenBits[2]) & 0xff);
	state->train[16] = (unsigned char) ((state->TotalMsgLenBits[3] >> 24) & 0xff);
	state->train[17] = (unsigned char) ((state->TotalMsgLenBits[3] >> 16) & 0xff);
	state->train[18] = (unsigned char) ((state->TotalMsgLenBits[3] >> 8) & 0xff);
	state->train[19] = (unsigned char) ((state->TotalMsgLenBits[3]) & 0xff);

	/* Then, absorb the train and also 135 blank rounds */
	state->blnIncrTotalMsgLen = 0;
	Update(state, state->train, 160);
	Update(state, nullBytes, NUM_BLANK_ROUNDS*8);
	state->blnIncrTotalMsgLen = 1;





	/* Use temporary variables for the state. Faster. */
	eoa_rb = state->eoa_rb;
	eoa_rc = state->eoa_rc;
	eoa_rd = state->eoa_rd;

	out = state->out;

	ra = state->ra;
	rb = state->rb;
	rc = state->rc;
	rd = state->rd;

	c1 = state->c1;
	c2 = state->c2;
	c3 = state->c3;
	c4 = state->c4;


	/* Now squeeze out the hash */
	len = state->HashLenBytes;



	for (i = 0; i < len; i ++)
	{
		for (clock = 0; clock < NUM_SQUEEZE_CLOCKS; clock++)
		{

			/* First S-box Pass. Combine it with Counter XORs */
			ra    = sbox[ra    ^ rd[58]]  ^  c1;
			rd[0] = sbox[rd[0] ^ out]     ^  c4;  /* output feedback */
			rb[0] = sbox[rb[0] ^ rc[24]]  ^  c2;
			rc[0] = sbox[rc[0] ^ rb[3]]   ^  c3;


			/* MDS4 step. This approach seems to be faster on a 32-bit compiler. */
			mds[0] = ra     ^  rb[0]  ^  gf_mult3[ rc[0] ]  ^  gf_mult2[ rd[0] ];
			mds[1] = rb[0]  ^  rc[0]  ^  gf_mult3[ rd[0] ]  ^  gf_mult2[ ra ];
			mds[2] = rc[0]  ^  rd[0]  ^  gf_mult3[ ra ]     ^  gf_mult2[ rb[0] ];
			mds[3] = rd[0]  ^  ra     ^  gf_mult3[ rb[0] ]  ^  gf_mult2[ rc[0] ];



			/* Second S-box Pass of ra. */
			ra    = sbox[mds[0]];


			/* Combine Rotate() of the rolling arrays with 2nd pass of S-boxes */
			rb[5] = sbox[mds[1]];
			rb++;
			if (rb == eoa_rb)
			{
				rb = state->tru_rb;
				for (j = 0; j < 5; j ++)
					rb[j] = rb[j+(RB_ALLOC-5)];
			}


			rc[37] = sbox[mds[2]];
			rc++;
			if (rc == eoa_rc)
			{
				rc = state->tru_rc;
				for (j = 0; j < 37; j ++)
					rc[j] = rc[j+(RC_ALLOC-37)];
			}


			rd[89] = sbox[mds[3]];
			rd++;
			if (rd == eoa_rd)
			{
				rd = state->tru_rd;
				for (j = 0; j < 89; j ++)
					rd[j] = rd[j+(RD_ALLOC-89)];
			}



			/* Generate output byte */
			out = sbox[ra ^ rb[4]]  ^  sbox[rc[36] ^ rd[88]];
			hashval[i] = out;



			/* Increment the counters */
			c1 ++;		if (c1 == 233) {c1 = 0;}
			c2 ++;		if (c2 == 239) {c2 = 0;}
			c3 ++;		if (c3 == 241) {c3 = 0;}
			c4 ++;		if (c4 == 251) {c4 = 0;}
		}
	}




	/* Copy the temp variables back into the state */
	state->out = out;

	state->ra = ra;
	state->rb = rb;
	state->rc = rc;
	state->rd = rd;

	state->c1 = c1;
	state->c2 = c2;
	state->c3 = c3;
	state->c4 = c4;



	return SUCCESS;
}





HashReturn Hash(int hashbitlen, const BitSequence *data, DataLength databitlen, BitSequence *hashval)
{
	int				siz, idx;
	hashState		state;


	if (hashbitlen <= 0) {return BAD_HASHBITLEN; }


	/* Blank out the state, just in case of some weird memory leak */
	siz = sizeof(state);
	for (idx = 0; idx < siz; idx++)
	{
		((unsigned char*)&state)[idx] = 0x00;
	}


	Init(&state, hashbitlen);
	Update(&state, data, databitlen);
	Final(&state, hashval);


	return SUCCESS;
}



